I was interviewed a while back for an article on slate.com about the FBI’s recent request for help in decoding an encrypted message found on the body of a murder victim. In the course of my discussion with the reporter, she asked me why ciphers are so hard to break; in response, I pointed to the amazing successes by the Allies in World War II in breaking, among others, the Enigma code. Maybe that was a mistake, because she then asked me why amateur ciphers (like the Beale cipher, the cipher used by the Zodiac killer, and the one the FBI is interested in) were so secure, and why amateurs were apparently just as good at designing ciphers as, well, real cryptographers. At one point it even sounded as if she were suggesting that we should use amateur ciphers to encrypt our communication on the Internet…
In an attempt to correct these misimpressions, I came up with a list of reasons why it should not be surprising that breaking the Enigma code (to take one example) was easier than breaking many of the “unsolved” amateur ciphers that are out there or, conversely, why it is easier to design a “secure” amateur cipher but very difficult to design a secure encryption scheme for, say, military applications:
- Fundamentally, most amateur ciphers are not really encryption schemes in the sense that they are intended to hide information but are not usually intended or used to communicate information between two parties. In particular, amateur ciphers don’t usually require there to be a decryption algorithm (whether efficient or not). This is doubly true for ciphers that are intended purely as “puzzles” (e.g., in the case of the Zodiac killer).
- Modern ciphers are required to be secure even if the algorithm is known; secrecy of the key should be enough. In contrast, amateur ciphers have the advantage of using a completely unknown algorithm. (Is this an argument that “security by obscurity” can be beneficial?)
- Modern ciphers are required to be secure even when the same key is used to encrypt tons of data of a relatively predictable form (e.g., military orders in German), and even if the cryptanalyst has lots of plaintext/ciphertext pairs. Amateur ciphers are typically used to encrypt a very small amount of data of completely unknown form (even the underlying language may not be known), and certainly no plaintext/ciphertext pairs are available.
- For any given amateur ciphertext, it is possible that a “solution” is not even possible. For example, there is no reason why someone who really wanted to hide a small amount of text could not just use some version of the one-time pad, writing the key on a piece of paper stored in one location, and the ciphertext on another piece of paper stored somewhere else. Constructing an “unbreakable” cipher is easy if efficiency is not a concern. I wonder also about many of the ciphers intended purely as “puzzles” — who says that a solution is possible? Or maybe the person who generated the ciphertext made several mistakes in the course of writing it out, to the point where even the correct solution would not be convincing?
- Finally, it is clear that less effort is being spent on cryptanalysis of most amateur ciphers than was expended on breaking Enigma. (This is not an argument for why it is easier to break Enigma, but explains why Enigma was eventually broken even though the Beale cipher has not been.)
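
The points above about the one-time pad and about key reuse with known plaintext/ciphertext pairs can be checked directly. The following is an added example, not code from the original post; the sample messages are constructed and the helper names are hypothetical. With a single use of the key, every same-length candidate plaintext is explained by some key, so no "solution" can be confirmed; once the same key encrypts a second message and one plaintext/ciphertext pair is known, the second message is recovered without the key.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("one-time pad needs key and message of equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(plaintext: bytes) -> tuple[bytes, bytes]:
    """Encrypt under a fresh, uniformly random key; returns (key, ciphertext)."""
    key = secrets.token_bytes(len(plaintext))
    return key, xor_bytes(key, plaintext)

def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The key under which `ciphertext` decrypts to `candidate`."""
    return xor_bytes(ciphertext, candidate)

def recover_with_known_pair(c1: bytes, p1: bytes, c2: bytes) -> bytes:
    """If one key encrypted both messages, a known (p1, c1) pair reveals p2."""
    reused_key = xor_bytes(c1, p1)
    return xor_bytes(reused_key, c2)

# Constructed sample messages, all 20 bytes long.
REAL = b"MEET AT THE OLD MILL"
DECOY = b"GOLD IS UNDER BRIDGE"
SECOND = b"BRING THE MAP AT TEN"

def demo() -> tuple[bool, bytes]:
    key, ct = otp_encrypt(REAL)

    # Case 1: key used once. The ciphertext is equally consistent with the
    # real message and with the decoy; each has a key that "explains" it,
    # and both keys look like random bytes to the analyst.
    decoy_key = key_explaining(ct, DECOY)
    ambiguous = xor_bytes(ct, key) == REAL and xor_bytes(ct, decoy_key) == DECOY

    # Case 2: the same key is reused for a second message, and the analyst
    # holds one plaintext/ciphertext pair (REAL, ct).
    ct2 = xor_bytes(key, SECOND)
    recovered = recover_with_known_pair(ct, REAL, ct2)
    return ambiguous, recovered

if __name__ == "__main__":
    ambiguous, recovered = demo()
    print("single use, decoy equally valid:", ambiguous)
    print("key reused, second message recovered:", recovered.decode())
```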